EUVD-2014-7722

Malware in sbrugna...

Comodo GeekBuddy Local Elevation of Privilege Vulnerability

Comodo GeekBuddy is an online computer support system from Comodo USA. Comodo GeekBuddy suffers from a local elevation of privilege vulnerability. A local attacker could use this vulnerability to gain elevated privileges and bypass the sandbox...

Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit

Exploit for windows platform in category local exploits SHFolder.DLL Local Privilege Elevation Exploit for Comodo Anti-Virus GeekBuddy Component by @LaughingMantis Greg Linares Since it took 146 days to fix a DLL Hijack issue I decided to drop this PoC: Technical Geeky Stuff GeekBuddy stores...

Comodo Anti-Virus GeekBuddy DLL Hijacking

...... ,;''''''''''''''''';, .;''''''''''''''''''''''''''', :''''''''+';:,..,:;'''''''''': ,;'''''';,. ,;'''''';: :'''''',. ,'''''';. ;+''+': ,; ,''''';. ;'''';. .:;' . ;'''''. :+'''; ,:+'' ';;',''; :''''; .''''; ,';' '':' ';,''',' :''' .'' :'''', ;'''' ;'' :+. ;';, ';:' '''',;:+ '', ;'''' .''''...

Tavis Ormandy Discloses Comodo GeekBuddy VNC Server

Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Securit...

CVE-2014-7872

Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server...

Design/Logic Flaw

Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server...

CVE-2014-7872

CVE-2014-7872 affects Comodo GeekBuddy prior to 4.18.121, where the VNC server runs with lax access controls, allowing local privilege escalation by connecting to the VNC server (passwordless, background service). Some sources note a potential remote vector via CSRF-like attacks with a web-based ...

CVE-2014-7872

Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server...

Comodo GeekBuddy Local Lift Vulnerability

Comodo GeekBuddy is an online computer support system. A local elevation of privilege vulnerability exists in Comodo GeekBuddy, which allows local attackers to exploit the vulnerability to elevate privileges...

Comodo GeekBuddy 4.18.121 - Local Privilege Escalation

Comodo GeekBuddy 4.18.121 - Local Privilege Escalation Comodo GeekBuddy Local Privilege Escalation CVE-2014-7872 Jeremy Brown jbrown3264/gmail -Synopsis- Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall and Comodo Internet Security, runs a passwordless, background VNC...

Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation

Comodo GeekBuddy Local Privilege Escalation CVE-2014-7872 Jeremy Brown jbrown3264/gmail -Synopsis- Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall and Comodo Internet Security, runs a passwordless, background VNC server and listens for incoming connections. This can all...

Comodo GeekBuddy Local Privilege Escalation

Comodo GeekBuddy Local Privilege Escalation CVE-2014-7872 Jeremy Brown jbrown3264/gmail -Synopsis- Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall and Comodo Internet Security, runs a passwordless, background VNC server and listens for incoming connections. This can all...